two AS announce config migration 1.6.6 -> 2.0.12
Hello. I need to announce one autonomous system from under another so that the path "world -> AS65007 -> AS65065" must be visible from the outside world. I successfully do it on version 1.6.6 (config-file and 'show route' from live system with changed ip-addresses in attach). Exactly the same method does not work on version 2.0.12 - for unknown reason I get ALL imported from second AS static routes in the unreachable state (bird-2.0.12-config with 'show route' at the end of file). Has something changed in the work process of the bird, or am I doing something wrong? bird 1.6.6 on debian 10 / kernel 4.19.181 bird 2.0.12 on debian 11 / kernel 5.10.179 Peering interfaces on both systems are created as follows: auto enp129s0.699 iface enp129s0.699 inet static address 10.99.11.1/30 vlan-raw-device enp129s0 auto enp129s0.699:0 iface enp129s0.699:0 inet static address 10.99.11.2/30 vlan-raw-device enp129s0
On Wed, Jul 26, 2023 at 11:00:26PM +0300, nixx wrote:
Hello.
I need to announce one autonomous system from under another so that the path "world -> AS65007 -> AS65065" must be visible from the outside world. I successfully do it on version 1.6.6 (config-file and 'show route' from live system with changed ip-addresses in attach).
Hello That is an interesting question. By usint 'multihop 2' you implicitly changed gateway mode for TestMain from 'direct' to 'recursive', which means that it tries to resolve 192.168.200.100 in the master table. But that is the same for both v1.6 and v2.0. Perhaps there is some detail that you have direct protocol in v1.6 but not in v2.0? What you get from commands: show route for 192.168.200.100 show route protocol TestMain all ? -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
show route for 192.168.200.100 and show route protocol TestMain all in attachments. On Thu, 27 Jul 2023 at 02:40, Ondrej Zajicek <santiago@crfreenet.org> wrote:
On Wed, Jul 26, 2023 at 11:00:26PM +0300, nixx wrote:
Hello.
I need to announce one autonomous system from under another so that the path "world -> AS65007 -> AS65065" must be visible from the outside world. I successfully do it on version 1.6.6 (config-file and 'show route' from live system with changed ip-addresses in attach).
Hello
That is an interesting question. By usint 'multihop 2' you implicitly changed gateway mode for TestMain from 'direct' to 'recursive', which means that it tries to resolve 192.168.200.100 in the master table. But that is the same for both v1.6 and v2.0.
Perhaps there is some detail that you have direct protocol in v1.6 but not in v2.0?
What you get from commands:
show route for 192.168.200.100
show route protocol TestMain all
?
-- Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Thu, Jul 27, 2023 at 04:39:23AM +0300, nixx wrote:
show route for 192.168.200.100 and show route protocol TestMain all in attachments.
Has something changed in the work process of the bird, or am I doing something wrong?
Yes, it seems that there is a minor change in interpretation of 'next hop keep' option. In v1.6 it affected both originating and forwarding of the bgp_next_hop attribute, while in v2.0 it affects just forwarding of an existing attribute (as during originating, there is no bgp_next_hop to keep). Therefore TestPeer when originating these routes is used its IP address as bgp_next_hop, it used its IP address as bgp_next_hop, as it is expected for EBGP peer when the original route has gw on different iface. Simple workaround is to set bgp_next_hop manually in TestPeer export filter, e.g.: bgp_next_hop = gw; Also note that in v2, you could simplify the setup by removing TestPeer and just adding ASN 65065 to bgp_path either in static protocol import filter, or in TestMain export filter: bgp_path.prepend(65065); This would not work in v1.6, as there was a different order of processing export filter and internal BGP attribute processing. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
nixx -
Ondrej Zajicek